I have a client-server application (Android client, Apache Http server) communicating through mutual authentication (TLS 1.2). The problem: Sometimes the connection (login) fails with an SSL error.
This works:
This does not work:
Note: Killing the app after step 4 and then start it and perform step 5 works.
Possible explanations that I can think of:
Android (client) logs:
02-11 15:58:29.827 21352-23374/com.mycompany E/com.mycompany.Connection﹕ ERROR Read error: ssl=0x99116c00: Failure in SSL library, usually a protocol error
error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error (external/openssl/ssl/s3_pkt.c:1303 0x9928fa60:0x00000003)
error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure (external/openssl/ssl/s3_pkt.c:1036 0xa613bcc5:0x00000000)
retrofit.RetrofitError: Read error: ssl=0x99116c00: Failure in SSL library, usually a protocol error
error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error (external/openssl/ssl/s3_pkt.c:1303 0x9928fa60:0x00000003)
error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure (external/openssl/ssl/s3_pkt.c:1036 0xa613bcc5:0x00000000)
Server logs:
[Thu Feb 11 14:58:16.736172 2016] [ssl:error] [pid 4424:tid 2088] [client 194.161.218.157:36836] AH02261: Re-negotiation handshake failed
[Thu Feb 11 14:58:16.736172 2016] [ssl:error] [pid 4424:tid 2088] SSL Library Error: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01
[Thu Feb 11 14:58:16.736172 2016] [ssl:error] [pid 4424:tid 2088] SSL Library Error: error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed
[Thu Feb 11 14:58:16.736172 2016] [ssl:error] [pid 4424:tid 2088] SSL Library Error: error:1408807B:SSL routines:ssl3_get_cert_verify:bad signature
[Thu Feb 11 14:59:24.655282 2016] [ssl:error] [pid 4424:tid 2088] [client 194.161.218.157:34530] AH02261: Re-negotiation handshake failed
[Thu Feb 11 14:59:24.655282 2016] [ssl:error] [pid 4424:tid 2088] SSL Library Error: error:04067084:rsa routines:RSA_EAY_PUBLIC_DECRYPT:data too large for modulus
[Thu Feb 11 14:59:24.655282 2016] [ssl:error] [pid 4424:tid 2088] SSL Library Error: error:1408807B:SSL routines:ssl3_get_cert_verify:bad signature
My setup:
Android version 5.1.1
Retrofit version 1.9.0
OkHttp version 2.7.2
Apache HTTP server version 2.4.17
Any clues what could be wrong or suggestions what to do to get to the bottom of this?
我没有在其余适配器上显式设置 ConnectionPool 绕过了这个问题(因此相同的默认实例被重用)。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.